Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Storing md5 hash of a password in database and comparing it
- $userName=strip_tags($userName);
- $pass=strip_tags($pass);
- $userName= htmlentities($userName, ENT_QUOTES, 'UTF-8');
- $pass= htmlentities($pass, ENT_QUOTES, 'UTF-8');
- $userName=mysql_real_escape_string($userName);
- $pass=mysql_real_escape_string($pass);
- $salt = 'SHIFLETT';
- $password_hash = md5($salt . md5($pass.$salt));
- function validateLogin($user_name, $pass)
- {
- $userName=strip_tags($userName);
- $pass=strip_tags($pass);
- $userName= htmlentities($userName, ENT_QUOTES, 'UTF-8');
- $pass= htmlentities($pass, ENT_QUOTES, 'UTF-8');
- $userName=mysql_real_escape_string($userName);
- $pass=mysql_real_escape_string($pass);
- $salt = 'SHIFLETT';
- $password_hash = md5($salt . md5($pass.$salt));
- $result=mysql_query("SELECT COUNT(*) AS Result FROM users WHERE user_name='$user_name' AND pass='$password_hash'");
- mysql_close();
- if($row=mysql_fetch_array($result))
- {
- if($row['Result']>0)
- {
- echo "Login successful";
- }
- else
- {
- echo "Login unsuccessful";
- }
- }
- }
- function hashPassword($str)
- {
- return hash("sha512", $str . "salt");
- }
- $password_hash = hashPassword($_POST['password']);
- $username = mysql_real_escape_string($_POST['username']);
- mysql> create table users (
- -> id int primary key auto_increment,
- -> username varchar(20),
- -> password char(128));
- $check = "select id from users where username = '$username' and password = '$password_hash'";
- $result = mysql_query($check);
- if(mysql_num_rows($result))
- {
- echo "<p>Login was successful!</p>n";
- }
- $pass=mysql_real_escape_string($pass);
Add Comment
Please, Sign In to add comment